package com.hrm.controller;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.beanutils.BeanUtils;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.hrm.domain.JSONUserResult;
import com.hrm.domain.PageHelper;
import com.hrm.domain.User;
import com.hrm.service.UserService;
import com.hrm.service.Impl.UserServiceImpl;

/*
 * 用户控制层
 */
@WebServlet(urlPatterns = { "/login", "/register", "/modifyPWD", "/outLogin", "/lNameCheck", "/phoneCheck", "/getUsers",
		"/delUser", "/delUsers", "/enableUsers", "/disableUsers", "/addUser", "/modifyUser", "/modifyPBOP" })
@SuppressWarnings("all") // 使用注解抑制警告信息
public class UserController extends HttpServlet {

	// 定义全局变量
	private UserService us = new UserServiceImpl(); // CURD用户数据

	protected void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		String url = request.getRequestURI(); // 获取跳转路径
		// 进行截取并判断
		String operator = url.substring(url.lastIndexOf("/") + 1);
		if ("login".equals(operator)) { // 登录
			userLogin(request, response);
		} else if ("register".equals(operator)) { // 注册
			userRegister(request, response);
		} else if ("modifyPWD".equals(operator)) { // 通过手机号修改密码
			modifyPWDByPhone(request, response);
		} else if ("outLogin".equals(operator)) { // 退出登录
			outLogin(request, response);
		} else if ("lNameCheck".equals(operator)) { // 验证账号是否存在
			lNameCheck(request, response);
		} else if ("phoneCheck".equals(operator)) { // 验证账号是否存在
			phoneCheck(request, response);
		} else if ("getUsers".equals(operator)) { // 分页查询
			getUsers(request, response);
		} else if ("delUser".equals(operator)) { // 删除指定用户
			delUser(request, response);
		} else if ("delUsers".equals(operator)) { // 删除多个用户
			delUsers(request, response);
		} else if ("enableUsers".equals(operator)) { // 启用多个用户
			enableUsers(request, response);
		} else if ("disableUsers".equals(operator)) { // 禁用多个用户
			disableUsers(request, response);
		} else if ("addUser".equals(operator)) { // 添加用户
			addUser(request, response);
		} else if ("modifyUser".equals(operator)) { // 修改指定用户的数据
			modifyUser(request, response);
		} else if ("modifyPBOP".equals(operator)) { // 根据原密码修改密码
			modifyPBOP(request, response);
		}
	}

	// 登录验证
	private void userLogin(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		// 先得到客户端提交上来的用户名和密码以及验证码
		String loginName = request.getParameter("loginname");
		String password = request.getParameter("password");
		String checkCode = request.getParameter("captcha");
		// 调用数据访问层中登录的方法
		User user = us.getUserByNP(loginName, password);
		// 获取所有cookie,遍历判断是否为免登录状态
		int flag = 0;
		Cookie[] cookies = request.getCookies();
		for (Cookie cookie : cookies) {
			if (cookie.getName().equals("lname")) { // 说明为免登录状态
				flag = 1;
			}
		}
		// 获取存储在session中的数据
		HttpSession session = request.getSession();
		Object obj = session.getAttribute("CHECKCODE");
		// 判断验证码是否一致,忽略大小写
		if (obj.toString().equalsIgnoreCase(checkCode) || flag == 1) { // 说明验证码一致或者为免登录状态
			if (user != null) { // 说明登录成功了
				if (user.getuStatus() == 1) {
					// 将获取到的用户对象转为json格式的数据并存入session中
					String userJson = JSON.toJSONString(user);
					request.getSession().setAttribute("user", userJson);
					//将用户名放入session中
					String unJson = JSON.toJSONString(user.getuName());
					request.getSession().setAttribute("uName", unJson.replaceAll("\"", ""));
					// 设置session的有效期
					request.getSession().setMaxInactiveInterval(300);
					// 获取勾选框信息并判断是否勾选了免登录
					String autoLogin = request.getParameter("autoLogin");
					if ("on".equals(autoLogin)) { // 当勾选了自动登录添加cookie
						Cookie lName = new Cookie("lname", loginName);
						Cookie lPWD = new Cookie("lpwd", password);
						lName.setMaxAge(604800);
						lPWD.setMaxAge(604800);
						// 添加cookie
						response.addCookie(lName);
						response.addCookie(lPWD);
					}
					request.setAttribute("msg", "登录成功!");
					request.getRequestDispatcher("login.jsp").forward(request, response);
					// response.sendRedirect("main.action");
				} else {
					// 把错误信息存储在request域对象当中
					request.setAttribute("msg", "您的账号处于禁用状态!");
					request.getRequestDispatcher("login.jsp").forward(request, response);
				}
			} else { // 登录失败，账号或密码不正确
				// 把错误信息存储在request域对象当中
				request.setAttribute("msg", "账号或密码错误!");
				request.getRequestDispatcher("login.jsp").forward(request, response);
			}
		} else {
			request.setAttribute("msg", "验证码错误!");
			request.getRequestDispatcher("login.jsp").forward(request, response);
		}
	}

	// 注册
	private void userRegister(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		// 获取客户端提交的参数
		String loginName = request.getParameter("lname");
		String password = request.getParameter("password");
		String userName = request.getParameter("username");
		String phone = request.getParameter("phone");
		String checkCode = request.getParameter("captcha");
		// 获取存储在session中的数据
		HttpSession session = request.getSession();
		Object obj = session.getAttribute("CHECKCODE");
		if ("超级管理员".equals(userName)) {
			request.setAttribute("msg", "权限不足!");
			request.getRequestDispatcher("register.jsp").forward(request, response);
		}
		// 判断验证码是否一致,忽略大小写
		if (obj.toString().equalsIgnoreCase(checkCode)) { // 说明验证码是一致的
			// 判断账号是否存在
			User u1 = us.getUserByLN(loginName);
			if (u1 == null) { // 说明账号不存在,可以注册
				// 判断手机号是否重复
				User u2 = us.getUserByPhone(phone);
				if (u2 == null) { // 说明手机号没有重复,可以注册
					User user = new User(loginName, password, userName, phone);
					int iret = 0;
					iret = us.addUser(user);
					if (iret > 0) { // 注册成功
						// 先把错误信息存储在request域对象当中
						request.setAttribute("msg", "注册成功!");
						request.getRequestDispatcher("register.jsp").forward(request, response);
					} else {
						// 先把错误信息存储在request域对象当中
						request.setAttribute("msg", "注册失败!");
						request.getRequestDispatcher("register.jsp").forward(request, response);
					}
				} else {
					// 先把错误信息存储在request域对象当中
					request.setAttribute("msg", "手机号重复注册!");
					request.getRequestDispatcher("register.jsp").forward(request, response);
				}
			} else {
				request.setAttribute("msg", "账号重复注册!");
				request.getRequestDispatcher("register.jsp").forward(request, response);
			}
		} else {
			request.setAttribute("msg", "验证码错误!");
			request.getRequestDispatcher("register.jsp").forward(request, response);
		}
	}

	// 修改密码
	private void modifyPWDByPhone(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		// 获取客户端提交的参数
		String loginName = request.getParameter("lname");
		String newPWD = request.getParameter("pwd");
		String phone = request.getParameter("phone");
		int iret = 0;
		// 根据账号获取用户数据
		User user = us.getUserByLN(loginName);
		if (user != null) {
			// 判断输入的手机号和要修改的用户是否匹配
			if (user.getuPhone().equals(phone)) { // 匹配,执行修改
				iret = us.modifyPWDByPhone(newPWD, phone);
				if (iret > 0) { // 修改成功
					request.setAttribute("msg", "修改成功!");
					request.getRequestDispatcher("forgetpwd.jsp").forward(request, response);
				} else { // 修改失败
					request.setAttribute("msg", "修改失败!");
					request.getRequestDispatcher("forgetpwd.jsp").forward(request, response);
				}
			} else { // 不匹配
				request.setAttribute("msg", "账号与手机号不一致!");
				request.getRequestDispatcher("forgetpwd.jsp").forward(request, response);
			}
		} else {
			request.setAttribute("msg", "修改失败,账号不存在!");
			request.getRequestDispatcher("forgetpwd.jsp").forward(request, response);
		}
	}

	// 退出登录
	private void outLogin(HttpServletRequest request, HttpServletResponse response) throws IOException {
		// 清除全部cookie和session中的值并且重定向至登录页
		request.getSession().removeAttribute("user");
		Cookie[] cookies = request.getCookies();
		for (Cookie cookie : cookies) {
			if (cookie.getName().equals("lname") || cookie.getName().equals("lpwd")) {
				cookie.setMaxAge(0); // 设置为0销毁
				response.addCookie(cookie);
			}
		}
		// 返回登录页
		response.sendRedirect("login.jsp");
	}

	// 验证账号是否存在
	private void lNameCheck(HttpServletRequest request, HttpServletResponse response) {
		String loginName = request.getParameter("loginname"); // 获取客户端提交的参数
		String msg = "false"; // 定义返回信息
		// 判断账号是否存在
		User user = us.getUserByLN(loginName);
		if (user != null) { // 说明账号存在
			msg = "true";
		}
		// 把msg的结果响应给客户端
		PrintWriter out = null;
		try {
			out = response.getWriter();
		} catch (IOException e) {
			e.printStackTrace();
		}
		out.write(msg);
		out.flush();
		out.close();
	}

	// 验证手机号是否存在
	private void phoneCheck(HttpServletRequest request, HttpServletResponse response) {
		String phone = request.getParameter("phone"); // 获取客户端提交的参数
		String msg = "false"; // 定义返回信息
		// 判断账号是否存在
		User user = us.getUserByLN(phone);
		if (user != null) { // 说明手机号存在
			msg = "true";
		}
		// 把msg的结果响应给客户端
		PrintWriter out = null;
		try {
			out = response.getWriter();
		} catch (IOException e) {
			e.printStackTrace();
		}
		out.write(msg);
		out.flush();
		out.close();
	}

	// 分页查询
	private void getUsers(HttpServletRequest request, HttpServletResponse response)
			throws IOException, ServletException {
		PageHelper ph = new PageHelper(); // 简化分页查询
		List<User> users = new ArrayList<>(); // 用于存储查询到的数据
		int count = 0; // 用于记录数据条数
		int flag = 4; // 用于判断情况
		String uname = request.getParameter("uname");
		int status = Integer.parseInt(request.getParameter("status"));
		// 获取查询出的数据记录数,并设置模糊查询
		if ("".equals(uname) && status == 0) { // 两个查询条件都没有输入时
			flag = 1;
			count = us.getCount(flag);
		} else if (!("".equals(uname)) && status == 0) { // 只输入了用户名
			flag = 2;
			uname = "%" + uname + "%";
			count = us.getCount(flag, uname);
		} else if ("".equals(uname) && status != 0) { // 只输入了用户状态
			flag = 3;
			count = us.getCount(flag, status);
		} else {
			uname = "%" + uname + "%";
			count = us.getCount(flag, uname, status);
		}
		ph.setPageIndex(1); // 设置当前页的初始数据
		// 获取当前页
		String pageNo = request.getParameter("pageNo");
		if (pageNo != null) { // 说明点了页码
			ph.setPageIndex(Integer.parseInt(pageNo)); // 重新设置页码
			ph.setTotalPageSum(ph.getTotalPageSum()); // 重新设置总页数
		}
		ph.setPageSize(ph.getPageSize()); // 设置每页显示的记录条数
		ph.setTotalRecordSum(count); // 设置总记录条数
		// 获取当前页的数据
		if (flag == 1) { // 两个查询条件都没有输入时
			users = us.getUsersByTerm(flag, ph.getStartRowNum(), ph.getPageSize());
		} else if (flag == 2) { // 只输入了用户名
			users = us.getUsersByTerm(flag, uname, ph.getStartRowNum(), ph.getPageSize());
		} else if (flag == 3) { // 只输入了用户状态
			users = us.getUsersByTerm(flag, status, ph.getStartRowNum(), ph.getPageSize());
		} else { // 输入了两个查询条件
			users = us.getUsersByTerm(flag, uname, status, ph.getStartRowNum(), ph.getPageSize());
		}
		ph.setTotalPageSum(ph.getTotalPageSum()); // 设置总页数
		// 将查询到的数据转化为json
		JSONUserResult aur = new JSONUserResult();
		aur.setList(users);
		aur.setPh(ph);
		if (users != null && users.size() > 0) {
			aur.setMsg("success");
		}
		// 把aur对象转换成json数据
		String usersJson = JSON.toJSONString(aur);
		// 把结果响应给客户端
		PrintWriter out = response.getWriter();
		out.write(usersJson);
		out.flush();
		out.close();
	}

	// 删除用户
	private void delUser(HttpServletRequest request, HttpServletResponse response) throws IOException {
		String loginName = request.getParameter("lname");
		// 删除指定用户
		String msg = ""; // 定义返回信息
		// 权限判断
		User user = us.getUserByLN(loginName);
		if ("超级管理员".equals(user.getuName())) { // 权限不足
			msg = "fail";
		} else {
			int iret = us.delUser(loginName);
			if (iret > 0) {
				msg = "success"; // 成功
			} else {
				msg = "f"; // 失败
			}
		}
		// 将返回信息封装
		JSONUserResult aur = new JSONUserResult();
		aur.setMsg(msg);
		// 把aur对象转换成json数据
		String mJSON = JSON.toJSONString(aur);
		// 把结果响应给客户端
		PrintWriter out = response.getWriter();
		out.write(mJSON);
		out.flush();
		out.close();
	}

	// 删除多个用户
	private void delUsers(HttpServletRequest request, HttpServletResponse response) throws IOException {
		// 获取前台传过来的数据
		String lnsJSON = request.getParameter("lns");
		// 将JSON数组转换为集合
		List<String> lns = JSON.parseArray(lnsJSON, String.class);
		int flag = 0; // 标识符判断权限问题
		int iret = 0; // 判断删除是否成功
		String msg = ""; // 定义返回信息
		// 循环判断
		for (int i = 0; i < lns.size(); i++) {
			String nl = lns.get(i).replaceAll(" ", "");
			User user = us.getUserByLN(nl);
			if ("超级管理员".equals(user.getuName())) { // 权限不足
				flag = 1;
			} else { // 删除
				iret += us.delUser(nl);
			}
		}
		if (flag == 0 && iret > 0) { // 删除成功
			msg = "success";
		} else if (flag > 0 && iret == 0) { // 权限不足
			msg = "fail";
		} else { // 删除成功 但有权限问题
			msg = "jurisdiction";
		}
		// 将返回信息封装
		JSONUserResult aur = new JSONUserResult();
		aur.setMsg(msg);
		// 把aur对象转换成json数据
		String mJSON = JSON.toJSONString(aur);
		// 把结果响应给客户端
		PrintWriter out = response.getWriter();
		out.write(mJSON);
		out.flush();
		out.close();
	}

	// 启用多个用户
	private void enableUsers(HttpServletRequest request, HttpServletResponse response) throws IOException {
		// 获取前台传过来的数据
		String lnsJSON = request.getParameter("lns");
		// 将JSON数组转换为集合
		List<String> lns = JSON.parseArray(lnsJSON, String.class);
		int flag = 0; // 标识符判断权限问题
		int flag2 = 0; // 判断是否重复置于启用状态
		Set<Integer> flag3 = new HashSet<>(); // 总标识符,多种情况判断
		int iret = 0; // 判断删除是否成功
		String msg = ""; // 定义返回信息
		// 循环判断
		for (int i = 0; i < lns.size(); i++) {
			String nl = lns.get(i).replaceAll(" ", "");
			User user = us.getUserByLN(nl);
			if ("超级管理员".equals(user.getuName())) { // 权限不足
				flag = 1;
			}
			if (flag == 0 && 1 == user.getuStatus()) { // 只有不是超级管理员才会判断是否重复启用
				flag2 = 1;
			}
			if (flag == 0 && flag2 == 0) { // 没有权限问题且没有重复启用,执行修改
				flag3.add(0);
				us.modefyStaByLN(1, nl);
			}
			if (flag == 1 && flag2 == 0) { // 权限不足
				flag3.add(1);
			} else if (flag == 0 && flag2 == 1) { // 重复启用
				flag3.add(2);
			}
			// 重置标识符
			flag = 0;
			flag2 = 0;
		}
		if (flag3.size() == 1 && flag3.contains(0)) { // 启用成功
			msg = "success";
		} else if (flag3.size() == 1 && flag3.contains(1)) { // 权限不足
			msg = "fail";
		} else if (flag3.size() == 1 && flag3.contains(2)) { // 重复启用
			msg = "repeat";
		} else if (flag3.size() == 2 && flag3.contains(0) && flag3.contains(1)) { // 部分成功,但有权限不足
			msg = "sf";
		} else if (flag3.size() == 2 && flag3.contains(0) && flag3.contains(2)) { // 部分成功,但有重复启用
			msg = "sr";
		} else if (flag3.size() == 2 && flag3.contains(1) && flag3.contains(2)) { // 部分成功,但有权限不足和重复启用
			msg = "fr";
		} else if (flag3.size() == 3) { // 部分成功,但有权限不足和重复启用
			msg = "sfr";
		}
		// 将返回信息封装
		JSONUserResult aur = new JSONUserResult();
		aur.setMsg(msg);
		// 把aur对象转换成json数据
		String mJSON = JSON.toJSONString(aur);
		// 把结果响应给客户端
		PrintWriter out = response.getWriter();
		out.write(mJSON);
		out.flush();
		out.close();
	}

	// 禁用多个用户
	private void disableUsers(HttpServletRequest request, HttpServletResponse response) throws IOException {
		// 获取前台传过来的数据
		String lnsJSON = request.getParameter("lns");
		// 将JSON数组转换为集合
		List<String> lns = JSON.parseArray(lnsJSON, String.class);
		int flag = 0; // 标识符判断权限问题
		int flag2 = 0; // 判断是否重复置于启用状态
		Set<Integer> flag3 = new HashSet<>(); // 总标识符,多种情况判断
		int iret = 0; // 判断删除是否成功
		String msg = ""; // 定义返回信息
		// 循环判断
		for (int i = 0; i < lns.size(); i++) {
			String nl = lns.get(i).replaceAll(" ", "");
			User user = us.getUserByLN(nl);
			if ("超级管理员".equals(user.getuName())) { // 权限不足
				flag = 1;
			}
			if (flag == 0 && 2 == user.getuStatus()) { // 只有不是超级管理员才会判断是否重复禁用
				flag2 = 1;
			}
			if (flag == 0 && flag2 == 0) { // 没有权限问题且没有重复启用,执行禁用
				flag3.add(0);
				us.modefyStaByLN(2, nl);
			}
			if (flag == 1 && flag2 == 0) { // 权限不足
				flag3.add(1);
			} else if (flag == 0 && flag2 == 1) { // 重复禁用
				flag3.add(2);
			}
			// 重置标识符
			flag = 0;
			flag2 = 0;
		}
		if (flag3.size() == 1 && flag3.contains(0)) { // 修改成功
			msg = "success";
		} else if (flag3.size() == 1 && flag3.contains(1)) { // 权限不足
			msg = "fail";
		} else if (flag3.size() == 1 && flag3.contains(2)) { // 重复禁用
			msg = "repeat";
		} else if (flag3.size() == 2 && flag3.contains(0) && flag3.contains(1)) { // 部分成功,但有权限不足
			msg = "sf";
		} else if (flag3.size() == 2 && flag3.contains(0) && flag3.contains(2)) { // 部分成功,但有重复禁用
			msg = "sr";
		} else if (flag3.size() == 2 && flag3.contains(1) && flag3.contains(2)) { // 部分成功,但有权限不足和重复禁用
			msg = "fr";
		} else if (flag3.size() == 3) { // 部分成功,但有权限不足和重复禁用
			msg = "sfr";
		}
		// 将返回信息封装
		JSONUserResult aur = new JSONUserResult();
		aur.setMsg(msg);
		// 把aur对象转换成json数据
		String mJSON = JSON.toJSONString(aur);
		// 把结果响应给客户端
		PrintWriter out = response.getWriter();
		out.write(mJSON);
		out.flush();
		out.close();
	}

	// 添加用户
	private void addUser(HttpServletRequest request, HttpServletResponse response) throws IOException {
		// 获取前台传递的参数
		String lName = request.getParameter("lname");
		String uName = request.getParameter("uname");
		String pwd = request.getParameter("pwd");
		String phone = request.getParameter("phone");
		String msg = ""; // 定义返回消息
		// 多种判断,防止异常
		if (lName != "" && uName != "" && pwd != "" && phone != "") {
			// 判断账号和手机号是否重复
			User u1 = us.getUserByLN(lName);
			User u2 = us.getUserByPhone(phone);
			if (u1 == null && u2 == null) {
				// 进行添加
				User user = new User(lName, pwd, uName, phone);
				us.addUser(user);
				msg = "success";
			} else if (u1 != null) { // 账号重复
				msg = "rl";
			} else if (u2 != null) { // 手机号重复
				msg = "rp";
			} else { // 账号和手机号都重复
				msg = "rlp";
			}
		} else {
			msg = "fail"; // 存在空数据
		}
		// 将返回信息封装
		JSONUserResult aur = new JSONUserResult();
		aur.setMsg(msg);
		// 把aur对象转换成json数据
		String mJSON = JSON.toJSONString(aur);
		// 把结果响应给客户端
		PrintWriter out = response.getWriter();
		out.write(mJSON);
		out.flush();
		out.close();
	}

	// 修改指定用户的数据
	private void modifyUser(HttpServletRequest request, HttpServletResponse response) throws IOException {
		// 获取前台传递的参数
		String olName = request.getParameter("oldlname");
		String nlName = request.getParameter("newlname");
		String uName = request.getParameter("uname");
		String pwd = request.getParameter("pwd");
		String phone = request.getParameter("phone");
		int status = Integer.parseInt(request.getParameter("status"));
		String msg = ""; // 定义返回消息
		// 获取原生user数据用于判断
		User oldUser = us.getUserByLN(olName);
		// 多种判断,防止异常
		if (nlName != "" && uName != "" && pwd != "" && phone != "" && status != 0) {
			// 判断账号和手机号是否重复
			User u1 = us.getUserByLN(nlName); // 账号
			User u2 = us.getUserByPhone(phone); // 手机号
			if ((u1 == null && u2 == null)
					|| (u1 == null && (u2 != null && oldUser.getuPhone().equals(u2.getuPhone()))
							|| (u2 == null && (u1 != null && oldUser.getUloginName().equals(u1.getUloginName()))))
					|| ((u2 != null && oldUser.getuPhone().equals(u2.getuPhone())
							&& (u1 != null && oldUser.getUloginName().equals(u1.getUloginName()))))) { // 原账号,手机号相同都可以修改
				// 进行修改
				User user = new User(nlName, pwd, uName, phone, status, oldUser.getuID());
				us.modifyUser(user);
				msg = "success";
			} else if (((u1 != null && !oldUser.getUloginName().equals(u1.getUloginName()))
					&& (((u2 != null && oldUser.getuPhone().equals(u1.getuPhone())))))
					|| ((u1 != null && !oldUser.getUloginName().equals(u1.getUloginName())) && u2 == null)) { // 账号重复
				// 账号不为空,并且和原账号不相等 手机号不相等
				msg = "rl";
			} else if (((u2 != null && !oldUser.getuPhone().equals(u2.getuPhone())) && u1 == null)
					|| (((u2 != null && !oldUser.getuPhone().equals(u2.getuPhone()))
							&& (u1 != null && oldUser.getUloginName().equals(u1.getUloginName()))))) { // 手机号重复
				msg = "rp";
			} else { // 账号和手机号都重复
				msg = "rlp";
			}
		} else {
			msg = "fail"; // 存在空数据
		}
		// 将返回信息封装
		JSONUserResult aur = new JSONUserResult();
		aur.setMsg(msg);
		// 把aur对象转换成json数据
		String mJSON = JSON.toJSONString(aur);
		// 把结果响应给客户端
		PrintWriter out = response.getWriter();
		out.write(mJSON);
		out.flush();
		out.close();
	}

	// 根据原密码修改密码
	private void modifyPBOP(HttpServletRequest request, HttpServletResponse response) throws IOException {
		// 获取前台传递的参数
		String oldPWD = request.getParameter("oldp");
		String newPWD = request.getParameter("newp");
		String cPWD = request.getParameter("confirmp");
		String msg = ""; // 定义返回消息
		// 获取原生user数据用于判断
		User user = JSON.parseObject((String) request.getSession().getAttribute("user"), User.class);
		// 多种判断,防止异常
		if (oldPWD != "" && newPWD != "" && cPWD != "") {
			if (user.getuPWD().equals(oldPWD)) {
				if (!oldPWD.equals(newPWD)) {
					if (newPWD.equals(cPWD)) {
						msg = "success";
						// 执行修改
						us.modifyPWDByID(user.getuID(), newPWD);
						//修改完后需要重置session中存储的user数据
						User nUser = us.getUserByLN(user.getUloginName());
						String userJson = JSON.toJSONString(nUser);
						request.getSession().setAttribute("user", userJson);
					} else { // 新密码输入不一致
						msg = "byz";
					}
				} else { // 原密码与新密码相同
					msg = "repeat";
				}
			} else { // 原密码输入错误
				msg = "err";
			}
		} else {
			msg = "fail"; // 存在空数据
		}
		// 将返回信息封装
		JSONUserResult aur = new JSONUserResult();
		aur.setMsg(msg);
		// 把aur对象转换成json数据
		String mJSON = JSON.toJSONString(aur);
		// 把结果响应给客户端
		PrintWriter out = response.getWriter();
		out.write(mJSON);
		out.flush();
		out.close();
	}

	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		doGet(request, response);
	}

}
